The image of hackers in the popular imagination is likely that of shadowy weirdos (or a gaggle of absurdly-dressed teens), but one group is giving hacking a more professional sheen.
Driving the news: Hacking group LockBit has earned the title of “most prolific ransomware gang in the world,” carrying out ~25% of all known ransomware attacks last year and taking responsibility for breaches of over 40 organizations across the globe this month alone.
Separating LockBit from other hacker groups is its professionalism. The group has a “ransomware-as-a-service” business model in which it rents out its products to affiliates, offers them tech support, and has senior members step in at the end to do the hard stuff. When a ransom’s paid, LockBit takes up to 20% in commission.
- “LockBit manages themselves way better than a lot of legitimate companies,” one security researcher told the Financial Times, “...they take care of their PR, they focus on their product, their business [and] they keep away from politics.”
Like any normal business, LockBit runs marketing campaigns (offering $1,000 to anyone who gets a tattoo of the group’s logo) and even follows an internal code of conduct.
- When one affiliate hacked Ontario’s SickKids hospital in December, breaking a rule forbidding the targeting of healthcare organizations, LockBit issued an apology and gave SickKids a free decryptor to unlock the targeted data.
Why it matters: Hacking groups are growing increasingly sophisticated while cybersecurity defences for most businesses and government organizations fail to keep up, putting personal data, vital services, and critical infrastructure at risk.